Grass isn’t always greener

Contributing Editor Nancy Derr-Castiglione, based, in Colorado, reports on issues faced by compliance officers and other banks in deciding whether to serve marijuana-related businesses. One hard question: What is and isn’t a “marijuana-related business”?

Marijuana seems to monopolize the attention of Colorado in so many ways—still.

It has been nearly three years since Colorado voters passed Amendment 64, with Colorado thus becoming the first state to legalize recreational sale and use of marijuana. Washington state passed a similar law at the same time, but its law did not become effective until after Colorado’s law became effective in January 2014, Washington thus becoming the second state to do so. Colorado and Washington have since been joined by Oregon, Alaska, and the District of Columbia, where pot is legal for recreational use. A number of states, including Colorado, already allow for the sale and use of marijuana for medicinal purposes.

Compliance, in the weeds

The daily news here in Colorado continues to be heavily populated with marijuana-related articles. It could be a story about how there are more hospital visits than ever before of children accidentally ingesting marijuana edibles that look like candy. Or it could be an article about the tourism benefit to the state from so many more people coming to Colorado to stay at the new “bud and breakfasts” popping up.

In Colorado, you have to be 21 years old to buy and use recreational marijuana. You can possess one ounce of marijuana or THC, which includes concentrated forms and edibles. You do not have to be a Colorado resident, but non-Colorado residents are restricted to buying only one-quarter of an ounce at a time.

The drug can’t be consumed in public. Of course, you can’t drive or operate machinery while under the influence. And there is a huge controversy about how long the substance remains in your system, so you had better not drive for days after you use it. Under the open container law, you can be arrested if the drug is in your vehicle and not in a sealed container. (And before you start to ask, no, I did not do any first-hand research.)

The main selling point for many people in voting for Amendment 64 was the tax revenue that the legalization of marijuana would bring to the state. News reports vary about how successful the law has been. According to the Colorado Department of Revenue, combined medicinal and recreational pot business is a $700 million industry. Combined tax revenue for 2014 was $63 million. The tax rate on legal marijuana is high—25% plus sales tax. It’s cheaper to buy it on the black market.

Conflicting guidance

It’s amusing to think about the marijuana businesses that have to pay their sizeable quarterly tax payments by walking down to the tax office with large bags of cash—since they can’t write a check or pay by credit card like everyone else.

The problem is that the thriving marijuana businesses cannot get banks to let them open bank accounts in order to conduct their business like normal, legal businesses. The banks and other financial institutions are afraid that they will be in trouble under federal law, where the possession and sale of marijuana is still illegal.

There have been a couple of attempts at federal guidance on the subject of what banks should or should not do. The Justice Department issued the “Cole memo” two years ago. The memo basically reiterated the federal government’s position that marijuana is a dangerous illegal drug, but that certain priorities are going to be applied to enforcement of drug laws, such as preventing revenue from the legal sale of marijuana deviating to criminal activities or moving into states where it is not legal.

FinCEN later issued guidance to financial institutions about filing suspicious activity reports (SARs). The FinCEN guidance says that a financial institution is required to file a SAR on activity derived from illegal activity, and a marijuana-related business is an illegal activity under federal law.

If a financial institution does choose to provide financial services to a marijuana business, a SAR must be filed, regardless of its status under state law. If a SAR is filed and the business remains a customer of the institution, a SAR will have to be filed every 90 days for as long as the business remains a customer.

Some institutions have tried this, based on the FinCEN guidance, only to be convinced by examiners that their acceptance of marijuana businesses is not legally appropriate and should be discontinued altogether.

That has been the state of affairs for more than two years now. There had been promises of more guidance and more clarification about how to deal with the difficult dilemma that financial institutions (and, of course, the marijuana businesses) find themselves in when it comes to the conflicting federal and state law.

But there has only been silence from Washington. There is not silence from the local examiners, however. They come to the banks with various opinions and interpretations of the guidance.

State of confusion

There’s not only confusion in the financial sector. For example, it is legal to use and possess marijuana in Colorado unless you are in a part of the state that is considered federal land, such as Rocky Mountain National Park or a national wildlife area. Additionally, the U.S. Postal Service does not allow marijuana to be mailed through the postal system, even if it is being mailed within the state of Colorado or to a state where marijuana also is legal.

Since the use of marijuana remains prohibited by federal law, you can still get fired for testing positive for pot in a random drug test from your employer, and not just if the employer is the federal government. Brandon Coats, a Dish employee, found this out when he was fired for smoking marijuana that he said he used to control seizures. Public schools are afraid of losing their federal funding if they allow a quadriplegic student with cerebral palsy to wear a cannabis patch prescribed for symptom relief while on school grounds.

Not only does the general public spend a considerable amount of time hearing about all these issues and stories, but bank compliance officers, and particularly Bank Secrecy Act/Anti-Money Laundering specialists, are spending an inordinate amount of time dealing (no pun intended) with the headache that marijuana laws in Colorado have become.

Without taking a scientific poll, it would be fair to say that most, if not all, banks in Colorado have a policy of not accepting marijuana businesses as their customers. That is to say, knowingly accepting as their customers.

Marijuana businesses know that financial institutions are not willing to take the risk of accepting them as customers, so if they haven’t given up altogether, they may decide to attempt a backdoor approach.

For example, many marijuana businesses have tried to use the owner’s personal bank account under the individual name until the bank catches on. Another approach is to set up a business under a generic name, such as Castiglione, LLC, whose name does not offer a clue about the type of business it is in. The business provides easily obtained articles of organization and a certificate of good standing from the secretary of state’s office and a tax identification number from the IRS.

Only after a period of monitoring by the bank’s BSA officer as well as site visitations may the true nature of the business be identified. Colorado banks are now at the point of having to be concerned with most new business and nonbusiness customers, given the potential for any of those customers to be hidden marijuana businesses or marijuana business owners.

[Editor’s note: Denver’s Fourth Corner Credit Union, specifically founded to serve the marijuana business, sued the Federal Reserve Bank of Kansas City and the National Credit Union Administration in late July. The credit union’s suits concern the Denver Fed branch’s refusal to open a master account for the credit union and NCUA’s refusal to approve the state-chartered credit union for federal deposit insurance.]

Appeal hard to resist

There also is the mass appeal of the marijuana industry and its profit potential to the entire community. Some businesses are finding it too difficult to stay out of the marijuana business. Farmers are moving away from corn and pumpkins to marijuana, for obvious reasons. Warehouses that would normally rent for $17 a square foot will rent for triple that amount to a marijuana-growing business because they can get it.

It’s not necessarily a problem of not identifying marijuana-related businesses as high-risk customers. It’s a problem of identifying them in the first place. It’s not just a matter of detecting the smell of marijuana on large bags of cash deposited at the teller window by a customer.

There’s also the example of the “business consulting” company that recently opened an account and only makes cash deposits and withdrawals. Or, the nail salon that has a retail location, but never seems to be open when the account officer drives by. Yet the salon makes large weekly cash deposits on a regular basis.

If those types of marijuana businesses weren’t enough to worry about, then there are the ancillary marijuana businesses that financial institutions also have to decide whether to bank and whether the bank has enough resources to manage the increased risk associated with maintaining those relationships.

If the bank decides to accept the business as a customer, it must be treated as a higher-risk customer and be evaluated, monitored, and documented.

There are endless examples of ancillary businesses—a local plumber who installed a plumbing system for the marijuana grow house and was paid in cash; even the local bank director who, as a partner in an entity that owns a shopping mall including a marijuana store, receives rental income from a marijuana business.

Not just for compliance

Regulators evaluating a bank’s Bank Secrecy Act/Anti-Money Laundering compliance program will expect that the bank has controls in place and a strong customer due diligence process to monitor customers deemed to be higher risk.

The loan department is not excluded from the action. Each connection to a marijuana business involving a loan customer must be scrutinized and investigated. The connection to a marijuana business could be either too close, making the business relationship too risky for the bank, or just remote enough to allow the loan to proceed, but to still necessitate filing a SAR. Possibly, it is so remote that no SAR is required at all.

One Colorado bank had an existing loan that was being evaluated for renewal. The guarantor provided a current financial statement, which included a new significant asset (a note receivable). When asked about it, the guarantor informed the bank it was a loan to an individual to build a marijuana grow greenhouse. The BSA officer was alerted, and had to make a determination as to whether the marijuana connection warranted a SAR filing under the FinCEN guidance. (In the end, the bank didn’t file one.)

There are many other examples of loans involving businesses that derive some type of income from marijuana businesses. There are retail shopping centers that include a marijuana outlet. There are accountants who provide tax and accounting services for marijuana businesses. There are companies that provide marketing and signage products for marijuana businesses.

Some banks are filing SARs on the most remote connection to a marijuana-related business because of examiner pressure. A HVAC contractor that does a one-time repair for a marijuana business and gets paid for that job shouldn’t be placed on the bank’s high-risk list because of that. However, it may be necessary to distinguish that HVAC contractor from a public relations company that specializes in the marijuana industry.

There are no clear answers. Either way, a lot more time and effort goes into making and documenting as well as defending the decision.

Until the federal government clarifies the banking issue related to marijuana businesses, the problem is going to continue to get worse as more states vote to legalize marijuana.

"Lucy and Nancy’s Common Sense Compliance” is blogged by both Lucy Griffin and Nancy Derr-Castiglione, both Banking Exchange contributing editors on compliance. Nancy, a Certified Regulatory Compliance Manager, is owner of D-C Compliance Services, an independent regulatory compliance consulting services business that has provided expertise in compliance training, monitoring, risk assessment, and policies and procedures to financial institutions since 2002. Previously, Nancy held compliance positions with Bank One Corporation and with United Banks of Colorado. In addition to serving as a Contributing Editor of Banking Exchange, Nancy has served on the ABA Compliance Executive Committee; National and Graduate Compliance Schools board; conference planning committees, and the Editorial Advisory Board for the ABA Bank Compliance magazine. She can be reached at [email protected]